Spring Sale Limited Time 65% Discount Offer - Ends in 0d 00h 00m 00s - Coupon code: pass65

  1. Home
  2. Symantec
  3. Data Loss Prevention
  4. 250-587
  5. Symantec Data Loss Prevention 16.x Administration Technical Specialist Questions and Answers

250-587 Symantec Data Loss Prevention 16.x Administration Technical Specialist Questions and Answers

Questions 4

Which two detection servers are available as virtual appliances? (Choose two.)

Options:

A.

Network Monitor

B.

Network Prevent for Web

C.

Network Discover

D.

Network Prevent for Email

E.

Optical Character Recognition (OCR)

Buy Now
Questions 5

Where in the Enforce management console can a DLP administrator change the “UI.NO_SCAN.int” setting to disable the “Inspecting data” pop-up?

Options:

A.

Advanced Server Settings from the Endpoint Server Configuration

B.

Advanced Monitoring from the Agent Configuration

C.

Advanced Agent Settings from the Agent Configuration

D.

Application Monitoring from the Agent Configuration

Buy Now
Questions 6

Which type of detector integrates with Symantec CloudSOC?

Options:

A.

Cloud Detection Service for REST

B.

Cloud Detection Service for ICAP

C.

Cloud Detection Service for SMTP

D.

Cloud Prevent detector

Buy Now
Questions 7

Which two (2) actions are available for a “Network Prevent: Remove HTTP/HTTPS content” response rule when the content is unable to be removed? (Choose two.)

Options:

A.

Redirect the content to an alternative destination

B.

Block the content from being posted

C.

Encrypt the content before posting

D.

Remove the content through FlexResponse

E.

Allow the content to be posted

Buy Now
Questions 8

How should a DLP administrator exclude a custom endpoint application named “custom_app.exe” from being monitored by Application File Access Control?

Options:

A.

Add “custom_app.exe” to the “Program Exclusion List” in the agent configuration settings.

B.

Add “custom_app.exe” to the “Application Whitelist” on all Endpoint servers.

C.

Add a “custom_app.exe” Application Monitoring Configuration and de-select all its channel options.

D.

Add “custom_app.exe” as a filename exception to the Endpoint Prevent policy.

Buy Now
Questions 9

Which option is an accurate use case for Information Centric Encryption (ICE)?

Options:

A.

The ICE utility encrypts files matching DLP policy being copied from network share through use of encryption keys.

B.

The ICE utility encrypts files matching DLP policy being copied to removable storage through use of encryption keys.

C.

The ICE utility encrypts files matching DLP policy being copied to removable storage on an endpoint use of certificates.

D.

The ICE utility encrypts files matching DLP policy being copied from network share through use of certificates

Buy Now
Questions 10

Which option correctly describes the two-tier installation type for Symantec DLP?

Options:

A.

Install the Oracle database on the host, and install the Enforce server and a detection server on a second host.

B.

Install the Oracle database on a local physical host, and install the Enforce server and detection servers on virtual hosts in the Cloud.

C.

Install the Oracle database and a detection server in the same host, and install the Enforce server on a second host.

D.

Install the Oracle database and Enforce server on the same host, and install detection servers on separate hosts.

Buy Now
Questions 11

What detection technology supports partial row matching?

Options:

A.

Vector Machine Learning (VML)

B.

Indexed Document Matching (IDM)

C.

described Content Matching (EDM)

D.

Exact data Matching (EDM)

Buy Now
Questions 12

Which tool must a DLP administrator run to certify the database prior to upgrading DLP?

Options:

A.

Enforce Migration Utility

B.

SymDiag

C.

Upgrade Readiness Tool

D.

Lob_Tablespace Reclamation Tool

Buy Now
Questions 13

Which two DLP products support the new Optical Character Recognition (OCR) engine in Symantec DLP 15.0? (Choose two.)

Options:

A.

Endpoint Prevent

B.

Cloud Service for Email

C.

Network Prevent for Email

D.

Network Discover

E.

Cloud Detection Service

Buy Now
Questions 14

Which two automated response rules will be active in policies that include Exact Data Matching (EDM) detection rule? (Choose two.)

Options:

A.

Endpoint Discover: Quarantine File

B.

All: Send Email Notification

C.

Endpoint Prevent: User Cancel

D.

Endpoint Prevent: Block

E.

Network Protect: Quarantine File

Buy Now
Questions 15

Which of the following would have to be a custom attribute (and not an out-of -the-box system attribute) in incident snapshots?

Options:

A.

Network Prevent Action

B.

Endpoint Location

C.

Employee Phone Number

D.

See Before

Buy Now
Questions 16

Which detection server is available from Symantec as a hardware appliance?

Options:

A.

Network Prevent for Email

B.

Network Discover

C.

Network Monitor

D.

Network Prevent for Web

Buy Now
Questions 17

Which two factors are common sources of data leakage where the main actor is well-meaning insider? (Choose two.)

Options:

A.

An absence of a trained incident response team

B.

A disgruntled employee for a job with a competitor

C.

Merger and Acquisition activities

D.

Lack of training and awareness

E.

Broken business processes

Buy Now
Questions 18

An administrator is unable to log in to the Enforce management console as “sysadmin”. Symantec DLP is configured to use Active Directory authentication. The administrator is a member of two roles: “sysadmin” and “remediator.”

How should the administrator log in to the Enforce console with the “sysadmin” role?

Options:

A.

sysadmin\username

B.

sysadmin\username@domain

C.

domain\username

D.

username\sysadmin

Buy Now
Questions 19

What detection server is used for Network Discover, Network Protect, and Cloud Storage?

Options:

A.

Network Protect Storage Discover

B.

Network Discover/Cloud Storage Discover

C.

Network Prevent/Cloud Detection Service

D.

Network Protect/Cloud Detection Service

Buy Now
Questions 20

A DLP administrator has performed a test deployment of the DLP 15.0 Endpoint agent and now wants to uninstall the agent. However, the administrator no longer remembers the uninstall password.

What should the administrator do to work around the password problem?

Options:

A.

Apply a new global agent uninstall password in the Enforce management console.

B.

Manually delete all the Endpoint agent files from the test computer and install a new agent package.

C.

Replace the PGPsdk.dll file on the agent’s assigned Endpoint server with a copy from a different Endpoint server

D.

Use the UninstallPwdGenerator to create an UninstallPasswordKey.

Buy Now
Questions 21

What is the correct installation sequence for the components shown here, according to the Symantec Installation Guide?

Place the options in the correct installation sequence.

250-587 Question 21

Options:

Buy Now
Questions 22

Which two locations can Symantec DLP scan and perform Information Centric Encryption (ICE) actions on? (Choose two.)

Options:

A.

Exchange

B.

Jiveon

C.

File store

D.

SharePoint

E.

Confluence

Buy Now
Questions 23

Which product is able to replace a confidential document residing on a file share with a marker file explaining why the document was removed?

Options:

A.

Network Discover

B.

Cloud Service for Email

C.

Endpoint Prevent

D.

Network Protect

Buy Now
Questions 24

Which two (2) detection technology options run on the DLP agent? (Choose two.)

Options:

A.

Indexed Document Matching (IDM)

B.

Directory Group Matching (DGM)

C.

Described Content Matching (DCM)

D.

Optical Character Recognition (OCR)

E.

Form Recognition

Buy Now
Questions 25

Which statement accurately describes where Optical Character Recognition (OCR) On-Premises DLP Core components must be installed?

Options:

A.

The OCR engine must be installed directly on the Enforce server.

B.

The OCR engine must be installed on one or more detection servers.

C.

The OCR server software must by installed on one or more dedicated (non-detection) Windows servers.

D.

The OCR server software must be installed on one or more dedicated (non-detection) Linux servers.

Buy Now
Questions 26

An organization wants to restrict employees to copy files only a specific set of USB thumb drives owned by the organization.

Which detection method should the organization use to meet this requirement?

Options:

A.

Exact data Matching (EDM)

B.

Indexed Document matching (IDM)

C.

Described Content Matching (DCM)

D.

Vector Machine Learning (VML)

Buy Now
Questions 27

What detection technology supports partial contents matching?

Options:

A.

Optical Character Recognition (OCR)

B.

Exact Data Matching (EDM)

C.

Indexed Document Matching (IDM)

D.

Described Content Matching (DCM)

Buy Now
Questions 28

A DLP administrator needs to remove an agent its associated events from an Endpoint server.

Which Agent Task should the administrator perform to disable the agent’s visibility in the Enforce management console?

Options:

A.

Delete action from the Agent health dashboard

B.

Delete action from the Agent List page

C.

Disable action from Symantec Management Console

D.

Change endpoint Server action from the Agent Overview page

Buy Now
Questions 29

What is the correct order for data in motion when a customer has integrated their CloudSOC and DLP solutions?

Options:

A.

User > CloudSOC Gatelet > DLP Cloud Detection Service > Application

B.

User > Enforce > Application

C.

User > Enforce > CloudSOC > Application

D.

User > CloudSOC Gatelet > Enforce > Application

Buy Now
Questions 30

Which two Infrastructure-as-a-Service providers are supported for hosting Cloud Prevent for Office 365? (Choose two.)

Options:

A.

Any customer-hosted private cloud

B.

Amazon Web Services

C.

AT & T

D.

Verizon

E.

Rackspace

Buy Now
Exam Code: 250-587
Exam Name: Symantec Data Loss Prevention 16.x Administration Technical Specialist
Last Update: May 10, 2026
Questions: 100

PDF + Testing Engine

$63.52  $181.49
buy now 250-587 pdf + testing engine

Testing Engine

$50.57  $144.49
buy now 250-587 testing engine

PDF (Q&A)

$43.57  $124.49
buy now 250-587 pdf